How To: Connector Two Factor Authentication

Release 4.1 introduces the ability to configure two factor authentication. To take advantage of this new functionality, the following steps must be performed.

  • Generate user certificate
  • Register user certificate via WebUI
  • Configure connector to use 2FA

Generate user certificate

  • Create a user key (user.key)

    openssl genrsa -des3 -out user.key 4096

  • Create a Certificate Signing Request (CSR)

    openssl req -new -key user.key -out user.csr

  • Sign a CSR using CA and generate the user's certificate; Sign the csr to a certificate valid for 365 days (adjust if needed)

    openssl x509 -req -days 365 -in user.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out user.crt

  • Construct a single PEM file with Key and Certificate inside

    cat user.key > user.pem; cat user.crt >> user.pem

Register user certificate via WebUI

Go to your account certificates and upload the generated user certificate (user.pem)


Configure connector to use 2FA

Update connector config to use 2FA

url =
2fa_ssl_certificate = /path/to/user.pem
Have more questions? Submit a request


Article is closed for comments.
Powered by Zendesk